﻿using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Linq;
using System.Text;
using System.Windows.Forms;
using System.Data.SQLite;

namespace festivalDatabase
{
    /// <summary>
    /// UI to assist user in changing the password stored in the DB for their account.
    /// </summary>
    public partial class changePassword : userInterface
    {
        public changePassword(dbAccessor db, DataTable dt)
        {
            InitializeComponent();
            setIcon();
            currentUser = dt;
            dbAccess = db;
        }

        private void changePassButton_Click(object sender, EventArgs e)
        {
            successLabel.Visible = false;
            changePassErrorProvider.Clear();
            if (checkOldPassword()) // check that old password is correct, else report error
            {
                if (newPassTextBox.Text.ToString() != "") // check that  new password is not blank, else report error
                {
                    if (checkNewPasswordsMatch()) // verify new password fields match, else report error
                    {
                        changePass(); // change password
                        successLabel.Visible = true; // notify user of success

                        // execute a query to update the datatable for the current user to reflect the new password
                        SQLiteCommand query = dbAccess.getCommand();
                        query.CommandText = "SELECT * " +
                                            "FROM db_user " +
                                            "WHERE username = @User;";

                        query.Parameters.Add("@User", DbType.String);
                        query.Parameters["@User"].Value = currentUser.Rows[0]["username"];
                        currentUser = dbAccess.executeQuery(query);
                    }
                    else
                        changePassErrorProvider.SetError(changePassButton, "New password and confirm password do not match");
                }
                else
                    changePassErrorProvider.SetError(newPassTextBox, "New password cannot be blank");
            }
            else
                changePassErrorProvider.SetError(oldPassTextBox, "Old password incorrect");

            // clear the password boxes for security and ease of retrying in case of error
            oldPassTextBox.Clear();
            newPassTextBox.Clear();
            newPassConfirmTextBox.Clear();
        }

        /// <summary>
        /// Verifies the password entered in the Old Password text box matches the password currently in the database
        /// for the active user account.
        /// </summary>
        /// <returns>returns boolean to indicate whether old password was correct (1) or incorrect (0)</returns>
        private bool checkOldPassword()
        {
            if (oldPassTextBox.Text.ToString() == currentUser.Rows[0]["password"].ToString())
                return true;
            return false;
        }

        /// <summary>
        /// Verifies NewPassTextBox and NewPassConfirmTextBox contents match.
        /// </summary>
        /// <returns>returns boolean to indicate whether new passwords match (1) or don't match (0)</returns>
        private bool checkNewPasswordsMatch()
        {
            if (newPassTextBox.Text.ToString() == newPassConfirmTextBox.Text.ToString())
                return true;

            return false;
        }

        /// <summary>
        /// Changes the password currently stored in the database
        /// </summary>
        private void changePass()
        {
            SQLiteCommand nonQuery = dbAccess.getCommand();
            nonQuery.CommandText = "UPDATE db_user " +
                                   "SET password = @Pass " +
                                   "WHERE username == @User;";
            nonQuery.Parameters.Add("@Pass", DbType.String);
            nonQuery.Parameters["@Pass"].Value = newPassTextBox.Text.ToString();
            nonQuery.Parameters.Add("@User", DbType.String);
            nonQuery.Parameters["@User"].Value = currentUser.Rows[0]["username"].ToString();
            dbAccess.executeNonQuery(nonQuery);
        }
    }
}
